Just a really quick thing for you to check - one of the users of a MVC admin system I administer complained that they were getting this error message, after a release:

System.Web.Mvc.HttpAntiForgeryException: The anti-forgery cookie token and form field token do not match.

It turns out they hadn't logged out and back in again since the release - as we are hosting the website on Azure, the machine key (which the AntiForgery stuff uses to validate) would have changed post-release, which is what was causing the issue.

Long story short, if you are getting this exception, it's worth seeing if refreshing your authentication / credentials will solve the issue.

Tags: MVC, HttpAntiForgeryException

2 Comments

• Min said Tuesday, 12 January 2016 9:26:03 a.m. Reply

  How do you refresh the authentication / credentials?

  • Henry said Thursday, 14 January 2016 8:34:19 p.m. Reply

    Log in or out (as mentioned in the post), or clear your browser history / do a hard refresh / CTRL+F5